06 October 2011 | 9,808 views

CIAT – The Cryptographic Implementations Analysis Toolkit

Cybertroopers storming your ship?

The Cryptographic Implementations Analysis Toolkit (CIAT) is a compendium of command line and graphical tools whose aim is to help in the detection and analysis of encrypted byte sequences within files (executable and non-executable). It is particularly helpful in the forensic analysis and reverse engineering of malware using cryptographic code and encrypted payloads.

This was an interesting find because it wasn’t too long ago I published a post about Mediggo, a Tool To Detect Weak Or Insecure Cryptosystems Using Generic Cryptanalysis Techniques.


Windows Binaries included in this distribution as well as supporting libraries were compiled using gcc, Mingw and Msys.

Linux binaries were compiled using gcc 4.1.2. They were tested from command line in machine with Windows Vista Home Premium (32 bit + SP1) and on Linux Gentoo 2008.0 X86 operating systems.

They should run without problems in any computer with Windows 2000, XP or VISTA 32bit and any Linux x86 with Mesa3-D, but I cannot guarantee that. If you have problems with these
binaries or want to run the programs in other platform you’ll need to compile them yourself.


Version 1.02 includes standard configuration scripts for Unix like systems. The old Makefile (Makefile.linux32) is still included; if you use Windows I suggest you use MINGW+MSYS.

You can download CIAT v1.02 here:


Or read more here.


Recent in Cryptography:
- ISIS Running 24-Hour Terrorist Crypto Help-desk
- KeeFarce – Extract KeePass Passwords (2.x) From Database
- ProtonMail DDoS Attack – Sustained & Sophisticated

Related Posts:
- PACK – Password Analysis & Cracking Kit
- raWPacket HeX – Network Security Monitoring & Analysis LiveCD
- Microsoft Enhanced Mitigation Evaluation Toolkit (EMET) 3rd Party GUI

Most Read in Cryptography:
- The World’s Fastest MD5 Cracker – BarsWF - 47,470 views
- Hackers Crack London Tube Oyster Card - 44,125 views
- WPA2 Vulnerability Discovered – “Hole 196” – A Flaw In GTK (Group Temporal Key) - 32,581 views

Low-cost VPS Hosting

Comments are closed.